CVE-2025-71115
ADVISORY - nistSummary
In the Linux kernel, the following vulnerability has been resolved:
um: init cpu_tasks[] earlier
This is currently done in uml_finishsetup(), but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse(), which has coverage annotations, and then the checks in check_kcov_mode() crash because current is NULL.
Simply initialize the cpu_tasks[] array statically, which fixes the crash. For the later SMP work, it seems to have not really caused any problems yet, but initialize all of the entries anyway.
EPSS Score: 0.00108 (0.014)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Use of Uninitialized Resource
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in